Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: Ga6kaGvKbww6jqjik3YkarVr9sZ06CWWGgfDQ7uv9dM=
Subject key identifier: 72:E9:66:8F:12:5A:69:59:34:6D:BE:3A:23:02:7F:A5:6D:A1:D2:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6294AE6C3418290B3370C93976185DFDBD1B73CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Mon 16 Jun 2025 21:40:53 +0000
ROA not before: Mon 16 Jun 2025 21:40:53 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:94:ae:6c:34:18:29:0b:33:70:c9:39:76:18:5d:fd:bd:1b:73:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:53 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=80393a59864a46be5cebc1a7bdba6c5cf03f3244acc75a565721f604772c4f4b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9f:61:8a:1f:61:27:de:c6:41:04:1d:f9:65:
dc:f0:85:c7:c9:a2:4f:fe:b0:a4:ed:de:15:bd:83:
28:a0:76:82:23:49:58:ba:91:a3:a2:8c:8f:43:02:
87:8c:8b:f5:54:04:0f:d7:c9:35:cd:71:c7:4d:44:
1d:ed:d5:b2:46:11:3d:10:43:69:14:38:60:ea:e3:
cf:06:88:38:c6:f0:4b:03:87:e9:4c:7b:c0:ff:ef:
06:6c:d0:a3:58:6c:3d:a4:86:31:aa:37:46:4c:ea:
86:23:35:53:99:70:3d:f6:52:0d:c5:7b:57:32:76:
dc:6d:f7:57:ab:e7:d7:f6:30:a2:89:40:23:e4:fb:
98:9d:0f:23:01:47:6e:33:c5:bf:00:f1:5b:b5:31:
c1:c0:70:e7:a8:a1:48:e7:48:d8:3e:df:df:85:7a:
0f:0c:bf:35:ec:f7:c6:d8:a3:02:41:07:29:c5:c0:
ab:3b:92:a5:e4:a1:19:32:9c:0d:93:b9:dc:36:bc:
67:06:76:aa:11:66:d1:1d:47:02:5e:e8:1d:38:16:
a8:3d:2e:f3:fa:63:75:0a:cd:09:7c:69:51:91:10:
b7:a7:93:6f:3c:d7:88:5b:7a:c1:e2:d8:58:0e:f7:
70:e7:8b:ee:b1:15:20:a0:e6:f3:29:d0:15:48:e5:
4e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E9:66:8F:12:5A:69:59:34:6D:BE:3A:23:02:7F:A5:6D:A1:D2:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
66:e5:6d:55:a9:1f:22:db:e0:be:8d:a7:e3:2d:13:a8:b0:79:
98:b6:0b:95:31:df:83:70:3a:e1:80:49:fe:c3:83:b8:9c:cc:
ae:06:75:a1:6a:99:a6:b7:f3:f0:f3:dc:5b:10:2e:e4:1a:04:
1f:0a:90:bc:7a:d4:f4:d0:09:6a:a1:3e:2d:a5:18:c0:6c:58:
16:09:f5:54:06:cf:f0:b1:86:21:a0:40:bf:3d:cd:06:77:76:
ff:3e:39:9e:1e:1f:b1:b6:ca:46:f4:65:8d:95:5d:14:1f:93:
4d:e4:d2:8f:61:09:98:6f:58:80:9b:0b:11:4b:5f:da:d2:6f:
c5:2b:59:39:a9:6f:e8:b9:2d:e0:bc:e5:cb:82:4a:e0:99:52:
41:b9:2a:01:0f:97:f8:22:81:16:9b:ee:03:4e:97:b2:a7:23:
9e:3b:6e:ab:82:9a:bc:c4:40:50:05:65:c4:00:c3:d0:fe:0c:
d4:bf:61:42:db:3a:06:64:14:a5:43:f8:9d:26:63:23:c3:6d:
ce:eb:c7:01:29:df:35:6c:c0:0d:98:2c:10:5c:fb:f4:5f:a3:
35:0f:d0:7f:87:e5:d3:b0:e6:4a:50:f2:31:fc:04:df:5d:c4:
8c:ee:c7:4c:53:1c:2f:f5:17:2a:eb:84:06:f8:04:60:2a:89:
d1:6e:a3:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYpSubDQYKQszcMk5dhhd/b0bc84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwNTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMzkzYTU5ODY0YTQ2YmU1Y2ViYzFhN2JkYmE2YzVjZjAzZjMyNDRhY2M3
NWE1NjU3MjFmNjA0NzcyYzRmNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqfYYofYSfexkEEHfll3PCFx8miT/6wpO3eFb2DKKB2giNJWLqRo6KMj0MC
h4yL9VQED9fJNc1xx01EHe3VskYRPRBDaRQ4YOrjzwaIOMbwSwOH6Ux7wP/vBmzQ
o1hsPaSGMao3RkzqhiM1U5lwPfZSDcV7VzJ23G33V6vn1/YwoolAI+T7mJ0PIwFH
bjPFvwDxW7UxwcBw56ihSOdI2D7f34V6Dwy/Nez3xtijAkEHKcXAqzuSpeShGTKc
DZO53Da8ZwZ2qhFm0R1HAl7oHTgWqD0u8/pjdQrNCXxpUZEQt6eTbzzXiFt6weLY
WA73cOeL7rEVIKDm8ynQFUjlTiUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRy6WaP
ElppWTRtvjojAn+lbaHSZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQBm5W1VqR8i2+C+jafjLROosHmYtguVMd+DcDrh
gEn+w4O4nMyuBnWhapmmt/Pw89xbEC7kGgQfCpC8etT00AlqoT4tpRjAbFgWCfVU
Bs/wsYYhoEC/Pc0Gd3b/PjmeHh+xtspG9GWNlV0UH5NN5NKPYQmYb1iAmwsRS1/a
0m/FK1k5qW/ouS3gvOXLgkrgmVJBuSoBD5f4IoEWm+4DTpeypyOeO26rgpq8xEBQ
BWXEAMPQ/gzUv2FC2zoGZBSlQ/idJmMjw23O68cBKd81bMANmCwQXPv0X6M1D9B/
h+XTsOZKUPIx/ATfXcSM7sdMUxwv9Rcq64QG+ARgKonRbqOv
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:34:15 2025 by rpki-client